Known Exploited Vulnerability Feed
Evidence-backed KEV intelligence enriched with confidence scoring, exploitation status, CISA KEV status, and sensor telemetry.
| CVE | Product | Vendor | Confidence | Exploitation Status | Sensors | First Seen | Added | Artifacts |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-33891 | Apache Spark | Apache Software Foundation | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2022-35914 | GLPI | GLPI | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2022-36537 | ZK Framework | Potix Corporation | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2022-47986 | Aspera Faspex | IBM | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2022-46169 | cacti | Cacti | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2023-21715 | Microsoft 365 Apps for Enterprise | Microsoft | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
Scanner
|
| CVE-2023-23376 | Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation) | Microsoft | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
Scanner
|
| CVE-2023-23529 | iOS and iPadOS, Safari, macOS | Apple | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
Scanner
|
| CVE-2023-21823 | Microsoft Office for Android, Microsoft Office for Universal, Microsoft Office for iOS, Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation) | Microsoft | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Scanner
|
| CVE-2015-2291 | Ethernet diagnostics driver for Windows | Intel | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Scanner
|
| CVE-2022-24990 | NAS | TerraMaster | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2023-0669 | Goanywhere MFT | Fortra | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2022-21587 | Web Applications Desktop Integrator | Oracle Corporation | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2023-22952 | SugarCRM | SugarCRM | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2017-11357 | Telerik UI for ASP.NET AJAX | Progress | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
Scanner
|
| CVE-2022-47966 | ManageEngine | Zoho | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2022-44877 | Control Web Panel | CWP (Control Web Panel) | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2022-41080 | Microsoft Exchange Server 2016 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2016 Cumulative Update 22 | Microsoft | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
Scanner
|
| CVE-2023-21674 | Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows 8.1, Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation) | Microsoft | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Scanner
|
| CVE-2018-5430 | TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, TIBCO Jaspersoft Reporting and Analytics for AWS | TIBCO Software Inc. | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
Scanner
|
| CVE-2018-18809 | TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, TIBCO Jaspersoft Reporting and Analytics for AWS | TIBCO Software Inc. | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Nuclei
Scanner
|
| CVE-2022-42856 | tvOS | Apple | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
Scanner
|
| CVE-2022-42475 | FortiProxy, FortiOS | Fortinet | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Scanner
|
| CVE-2022-44698 | Windows 10 Version 1809, Windows Server 2019, Windows 10 Version 21H1, Windows Server 2022, Windows 10 Version 20H2, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 10 Version 1607, Windows Server 2016 | Microsoft | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
Scanner
|
| CVE-2022-27518 | Citrix Gateway, Citrix ADC | Citrix | Confirmed | Active exploitation | — | over 3 years ago | over 3 years ago |
PoC
Scanner
|